Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade commander from 7.0.0 to 7.2.0 #5

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade commander from 7.0.0 to 7.2.0 #5

wants to merge 1 commit into from

Conversation

TheManager73
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade commander from 7.0.0 to 7.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 2 versions ahead of your current version.

  • The recommended version was released on 3 years ago.

Release notes
Package name: commander
  • 7.2.0 - 2021-03-21

    Added

    • TypeScript typing for parent property on Command (#1475)
    • TypeScript typing for .attributeName() on Option (#1483)
    • support information in package (#1477)

    Changed

    • improvements to error messages, README, and tests
    • update dependencies
  • 7.1.0 - 2021-02-15

    Added

    • support for named imports from ECMAScript modules (#1440)
    • add .cjs to list of expected script file extensions (#1449)
    • allow using option choices and variadic together (#1454)

    Fixed

    • replace use of deprecated process.mainModule (#1448)
    • regression for legacy command('*') and call when command line includes options (#1464)
    • regression for on('command:*', ...) and call when command line includes unknown options (#1464)
    • display best error for combination of unknown command and unknown option (i.e. unknown command) (#1464)

    Changed

    • make TypeScript typings tests stricter (#1453)
    • improvements to README and tests
  • 7.0.0 - 2021-01-15

    Added

    • .enablePositionalOptions() to let program and subcommand reuse same option (#1427)
    • .passThroughOptions() to pass options through to other programs without needing -- (#1427)
    • .allowExcessArguments(false) to show an error message if there are too many command-arguments on command line for the action handler (#1409)
    • .configureOutput() to modify use of stdout and stderr or customise display of errors (#1387)
    • use .addHelpText() to add text before or after the built-in help, for just current command or also for all subcommands (#1296)
    • enhance Option class (#1331)
      • allow hiding options from help
      • allow restricting option arguments to a list of choices
      • allow setting how default value is shown in help
    • .createOption() to support subclassing of automatically created options (like .createCommand()) (#1380)
    • refactor the code generating the help into a separate public Help class (#1365)
      • support sorting subcommands and options in help
      • support specifying wrap width (columns)
      • allow subclassing Help class
      • allow configuring Help class without subclassing

    Changed

    • Breaking: options are stored safely by default, not as properties on the command (#1409)
      • this especially affects accessing options on program, use program.opts()
      • revert behaviour with .storeOptionsAsProperties()
    • Breaking: action handlers are passed options and command separately (#1409)
    • deprecated callback parameter to .help() and .outputHelp() (removed from README) (#1296)
    • Breaking: errors now displayed using process.stderr.write() instead of console.error()
    • deprecate .on('--help') (removed from README) (#1296)
    • initialise the command description to empty string (previously undefined) (#1365)
    • document and annotate deprecated routines (#1349)

    Fixed

    • wrapping bugs in help (#1365)
      • first line of command description was wrapping two characters early
      • pad width calculation was not including help option and help command
      • pad width calculation was including hidden options and commands
    • improve backwards compatibility for custom command event listeners (#1403)

    Deleted

    • Breaking: .passCommandToAction() (#1409)
      • no longer needed as action handler is passed options and command
    • Breaking: "extra arguments" parameter to action handler (#1409)
      • if being used to detect excess arguments, there is now an error available by setting .allowExcessArguments(false)

    Migration Tips

    The biggest change is the parsed option values. Previously the options were stored by default as properties on the command object, and now the options are stored separately.

    If you wish to restore the old behaviour and get running quickly you can call .storeOptionsAsProperties().
    To allow you to move to the new code patterns incrementally, the action handler will be passed the command twice,
    to match the new "options" and "command" parameters (see below).

    program options

    Use the .opts() method to access the options. This is available on any command but is used most with the program.

    program.option('-d, --debug');
program.parse();
// Old code before Commander 7
if (program.debug) console.log(`Program name is ${program.name()}`);
    // New code
const options = program.opts();
if (options.debug) console.log(`Program name is ${program.name()}`);

    action handler

    The action handler gets passed a parameter for each command-argument you declared. Previously by default the next parameter was the command object with the options as properties. Now the next two parameters are instead the options and the command. If you
    only accessed the options there may be no code changes required.

    program
  .command('compress <filename>')
  .option('-t, --trace')
  // Old code before Commander 7
  .action((filename, cmd) => {
    if (cmd.trace) console.log(`Command name is ${cmd.name()}`);
  });
      // New code
  .action((filename, options, command) => {
    if (options.trace) console.log(`Command name is ${command.name()}`);
  });

    If you already set .storeOptionsAsProperties(false) you may still need to adjust your code.

    program
  .command('compress <filename>')
  .storeOptionsAsProperties(false)
  .option('-t, --trace')
  // Old code before Commander 7
  .action((filename, command) => {
    if (command.opts().trace) console.log(`Command name is ${command.name()}`);
  });
       // New code
   .action((filename, options, command) => {
      if (command.opts().trace) console.log(`Command name is ${command.name()}`);
   });
from commander GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade commander from 7.0.0 to 7.2.0
83b3cc5 
Snyk has created this PR to upgrade commander from 7.0.0 to 7.2.0.

See this package in npm:
commander

See this project in Snyk:
https://app.snyk.io/org/themanager73/project/6a5adfc4-b4c3-4d2c-80ec-e4e87e645db5?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@TheManager73 @snyk-bot